Tags

Month: July 2016

Despite the history of offensive cyber activity being much longer than is commonly thought, cyber defense is still considered a new discipline. It is only relatively recently that states have established formal structures to provide for cyber defense, and cyber security more broadly. In this context, each nation has developed its own mix of public, private, and military organizations active in the field.

The relationships between these organizations are based on the nation’s unique circumstances, determining the overall shape of relations between the state and business, the approach to e-government, civilian control of the military, threat perception, and much more. The United States is no exception and has developed its own approach to organizing cyber defense based on factors specific to it. But the wide range of organizational approaches to reaching a “best fit” template for successful cyber defense raises the possibility that other nations may have developed approaches that could be usefully adopted in a U.S. context.

This Paper introduces four different foreign approaches to cyber defense, each very different from the U.S. model. In surveying the cyber defense organizations of Germany, Sweden, Norway, and Estonia, the Paper aims not only to provide baseline information on overseas structures and planning in order to facilitate U.S. cooperation with international partners, but also to provide policymakers with an overview of effective alternative approaches that may be applicable in a U.S. context.

Many cyber experts say the United States is woefully ill prepared for a sophisticated cyber attack and that each passing day brings it one step closer to a potential virtual Armageddon. While the problems hindering the development of an effective and comprehensive cyber deterrence policy are clear (threat measurement, attribution, information-sharing, legal codex development, and poor infrastructure, to name several), this article focuses on one aspect of the debate that heretofore has been relatively ignored: that the futility of governmental innovation in terms of defensive efficacy is a relatively constant and shared weakness across all modern great powers, whether the United States, China, Russia, or others. In other words, every state that is concerned about the cyber realm from a global security perspective is equally deficient and vulnerable to offensive attack; therefore, defensive cyber systems are likely to remain relatively impotent across the board.

As cyber-attacks dominate front-page news, as hackers join terrorists on the list of global threats, and as top generals warn of a coming cyber war, few books are more timely and enlightening than Dark Territory: The Secret History of Cyber War, by Slate columnist and Pulitzer Prize–winning journalist Fred Kaplan.

Kaplan probes the inner corridors of the National Security Agency, the beyond-top-secret cyber units in the Pentagon, the “information warfare” squads of the military services, and the national security debates in the White House, to tell this never-before-told story of the officers, policymakers, scientists, and spies who devised this new form of warfare and who have been planning—and (more often than people know) fighting—these wars for decades.

From the 1991 Gulf War to conflicts in Haiti, Serbia, Syria, the former Soviet republics, Iraq, and Iran, where cyber warfare played a significant role, Dark Territory chronicles, in fascinating detail, a little-known past that shines an unsettling light on our future.